Solved virus or malware issues

Avik Majumder

PCHF Member
Sep 6, 2017
Hello,
My default browser (GOOGLE CHROME) opens up automatically and repeatedly, and it also happens with other browsers. I can't do any other work peacefully because the browser opens up too many new tabs again and again... :( Please help me... :(
 
Hi @Avik Majumder and welcome to PCHF :)

Please download the FRST 32-bit or FRST 64-bit version to suit your operating system. It is important that FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.

Once downloaded, right-click the FRST desktop icon and select "Run as administrator" from the menu.

If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST, you can safely allow FRST to proceed.
FRST will open with two dialogue boxes; accept the disclaimer.

Accept the default whitelist options.
If the Addition.txt options box is not checked, please select it.
Then select "Scan".

FRST will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt and Addition.txt. They will display immediately on the desktop, but can be reopened later as a Notepad file.

Please copy and paste the contents of these logs in your next post for review by our Security Team.
 
Thanks for your quick reply.....
These are those two logs-

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Avik (administrator) on DESKTOP-CE5TDPD (07-09-2017 02:44:01)
Running from E:\SOFTWARS\Antivirus
Loaded Profiles: Avik (Available Profiles: Avik)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\ARWSRVC.EXE
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\SCSECSVC.EXE
() C:\Program Files\Quick Heal\Quick Heal Total Security\BSSISS.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\OPSSVC.EXE
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\BDSSVC.EXE
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\ASGT.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\reprsvc.exe
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\QUHLPSVC.EXE
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Quick Heal Technologies Ltd.) C:\Program Files\Quick Heal\Quick Heal Total Security\onlinent.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Quick Heal Core UI] => C:\Program Files\Quick Heal\Quick Heal Total Security\strtupap.exe [224384 2017-06-15] (Quick Heal Technologies Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2016-11-25] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4027504 2017-08-05] (Tonec Inc.)
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\Run: [f.lux] => C:\Users\Avik\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\Run: [GoogleChromeAutoLaunch_8792BD90C06119FBEB1D92F7E17D8836] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-04] (Google Inc.)
Lsa: [Notification Packages] scecli C:\Windows\system32\ScSecAuth.Dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\!qhlogs.doc [2017-09-05] ()
Startup: C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\!qhlogs.doc [2017-09-05] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{e1379896-fad4-4e33-820f-40a3f550d011}: [NameServer] 172.16.0.1,172.31.4.48,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://172.31.4.164:30080/wip/home.do
SearchScopes: HKU\S-1-5-21-2778354026-2690110298-1722166411-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2778354026-2690110298-1722166411-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

FireFox:
========
FF DefaultProfile: mw3951w9.default-1504705800113
FF ProfilePath: C:\Users\Avik\AppData\Roaming\Mozilla\Firefox\Profiles\mw3951w9.default-1504705800113 [2017-09-07]
FF Homepage: Mozilla\Firefox\Profiles\mw3951w9.default-1504705800113 -> hxxps://www.google.com/
FF Extension: (Hotspot Shield Free VPN Proxy – Unblock Sites) - C:\Users\Avik\AppData\Roaming\Mozilla\Firefox\Profiles\mw3951w9.default-1504705800113\Extensions\hotspot-shield@anchorfree.com.xpi [2017-09-06]
FF Extension: (Adblock Plus) - C:\Users\Avik\AppData\Roaming\Mozilla\Firefox\Profiles\mw3951w9.default-1504705800113\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-09-06]
FF Extension: (Firefox Screenshots) - C:\Users\Avik\AppData\Roaming\Mozilla\Firefox\Profiles\mw3951w9.default-1504705800113\features\{aee65950-42e3-4a09-a955-6559f4c8bb3e}\screenshots@mozilla.org.xpi [2017-09-06]
FF HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (No Name) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-07-14]
FF HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Avik\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Avik\AppData\Roaming\IDM\idmmzcc5 [2017-08-30] [not signed]
FF HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-08-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default [2017-09-07]
CHR Extension: (Google Docs) - C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-07]
CHR Extension: (Adblock Plus) - C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-07]
CHR Extension: (Betternet Unlimited Free VPN Proxy) - C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjknjjomckknofjidppipffbpoekiipm [2017-09-07]
CHR Extension: (360 Internet Protection) - C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-09-07]
CHR Extension: (IDM Integration Module) - C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2017-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-07]
CHR Extension: (Chrome Media Router) - C:\Users\Avik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-07]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-08-05]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-08-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 arwsrvc; C:\Program Files\Quick Heal\Quick Heal Total Security\ARWSRVC.EXE [74840 2017-09-05] (Quick Heal Technologies Ltd.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 Behavior Detection System; C:\Program Files\Quick Heal\Quick Heal Total Security\bdssvc.exe [38528 2017-06-15] (Quick Heal Technologies Ltd.)
R2 Core Mail Protection; C:\Program Files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE [67200 2017-06-15] (Quick Heal Technologies Ltd.)
R2 Core Scanning Server; C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [295040 2017-06-15] (Quick Heal Technologies Ltd.)
S3 Core Scanning ServerEx; C:\Program Files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [295040 2017-06-15] (Quick Heal Technologies Ltd.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [513144 2017-08-22] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
R2 Online Protection System; C:\Program Files\Quick Heal\Quick Heal Total Security\opssvc.exe [71808 2017-06-15] (Quick Heal Technologies Ltd.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [928168 2016-11-25] (QIHU 360 SOFTWARE CO. LIMITED)
R2 Quick Update Service; C:\Program Files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe [173184 2017-07-04] (Quick Heal Technologies Ltd.)
R2 RepairService; C:\Program Files\Quick Heal\Quick Heal Total Security\reprsvc.exe [43136 2017-09-05] (Quick Heal Technologies Ltd.)
R2 ScanWscS; C:\Program Files\Quick Heal\Quick Heal Total Security\SCANWSCS.EXE [363496 2017-06-15] (Quick Heal Technologies Ltd.)
R2 ScSecSvc; C:\Program Files\Quick Heal\Quick Heal Total Security\ScSecSvc.exe [643200 2017-06-15] (Quick Heal Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [160768 2016-11-25] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [95232 2016-11-25] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2016-11-25] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [339456 2016-11-25] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [57856 2016-11-25] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [400384 2016-11-25] (360.cn)
R3 arwflt; C:\Windows\System32\DRIVERS\arwflt.sys [101440 2017-09-05] (Quick Heal Technologies Ltd.)
R3 atkldrvr; C:\Windows\System32\DRIVERS\atkldrvr.sys [57144 2017-04-27] (Quick Heal Technologies Ltd.)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [197632 2016-11-25] (360.cn)
R1 bdsflt; C:\Windows\System32\DRIVERS\bdsflt.sys [391392 2017-03-14] (Quick Heal Technologies Ltd.)
R2 bdsnm; C:\Windows\system32\DRIVERS\bdsnm.sys [49968 2017-01-18] (Quick Heal Technologies Ltd.)
R3 bsfs; C:\Windows\System32\DRIVERS\bsfs.sys [99368 2017-04-27] (Quick Heal Technologies Ltd.)
R2 catflt; C:\Windows\System32\DRIVERS\catflt.sys [158576 2017-05-23] (Quick Heal Technologies Ltd.)
R3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2017-08-30] (Disc Soft Ltd)
S0 elamdrv; C:\Windows\System32\DRIVERS\elamdrv.sys [37536 2016-01-25] (Quick Heal Technologies Ltd.)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
R2 emlssx; C:\Windows\system32\DRIVERS\emlssx.sys [39792 2016-04-12] (Quick Heal Technologies Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77376 2017-09-03] ()
R1 ggc; C:\Windows\System32\DRIVERS\ggc.sys [95792 2017-04-27] (Quick Heal Technologies Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-30] (REALiX(tm))
R3 kbfltr; C:\Windows\system32\DRIVERS\kbfltr.sys [39152 2017-04-27] (Quick Heal Technologies Ltd.)
S3 llio; C:\Windows\system32\DRIVERS\llio.sys [90096 2017-05-23] (Quick Heal Technologies Ltd.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [188352 2017-09-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [101784 2017-09-07] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-07] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253856 2017-09-07] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [93600 2017-09-07] (Malwarebytes)
S0 mscank; C:\Windows\System32\DRIVERS\mscank.sys [62344 2017-04-27] (Quick Heal Technologies Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-08-22] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [984032 2017-08-30] (Realtek )
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R0 webssx; C:\Windows\System32\drivers\webssx8.sys [91280 2016-03-25] (Quick Heal Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-07 02:43 - 2017-09-07 02:44 - 000000000 ____D C:\FRST
2017-09-07 02:40 - 2017-09-07 02:40 - 000002348 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-07 02:40 - 2017-09-07 02:40 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-07 02:40 - 2017-09-07 02:40 - 000000004 ____H C:\ProgramData\cm-lock
2017-09-07 02:39 - 2017-09-07 02:39 - 000016148 _____ C:\Windows\system32\DESKTOP-CE5TDPD_Avik_HistoryPrediction.bin
2017-09-07 02:39 - 2017-09-07 02:39 - 000000000 ___HD C:\Users\Avik\ScStore
2017-09-07 01:12 - 2017-09-07 01:12 - 000001966 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-09-07 01:12 - 2017-09-07 01:12 - 000000000 ____D C:\Program Files\HitmanPro
2017-09-07 01:11 - 2017-09-07 01:15 - 000000000 ____D C:\ProgramData\HitmanPro
2017-09-07 00:18 - 2017-09-07 00:18 - 172331747 _____ C:\Users\Avik\Downloads\Kajra Re - Full Song - Bunty Aur Babli - Amitabh Bachchan - Abhishek Bachchan - Aishwarya Rai - YouTube.MKV
2017-09-06 23:58 - 2017-09-06 23:58 - 071251639 _____ C:\Users\Avik\Downloads\oo la la full song hd 1080p - YouTube.MKV
2017-09-06 20:54 - 2017-09-06 20:54 - 000189240 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-06 20:08 - 2017-09-06 20:08 - 109919869 _____ C:\Users\Avik\Downloads\Dhak Dhak Karne Laga - Beta Madhuri Dixit Hot 1080p Full HD Song Lyrics in description - YouTube.MKV
2017-09-06 19:59 - 2017-09-06 20:00 - 073082417 _____ C:\Users\Avik\Downloads\I Love You (HD) - Mr.India - YouTube.MKV
2017-09-06 19:47 - 2017-09-06 19:47 - 070046383 _____ C:\Users\Avik\Downloads\Dhoom 3 Kamli Hindi Full Video Song Bluray 1080p x264 AliBluRayVideos - YouTube.MKV
2017-09-06 19:44 - 2017-09-06 19:44 - 000000000 ____D C:\Users\Avik\AppData\LocalLow\uTorrent
2017-09-06 19:33 - 2017-09-06 19:33 - 037518706 _____ C:\Users\Avik\Downloads\Bheegey Hont Tere (High Quality) - YouTube.MKV
2017-09-06 19:23 - 2017-09-06 19:23 - 000000000 ____D C:\Users\Avik\Downloads\They Look Like People 2015
2017-09-06 16:27 - 2017-09-06 16:27 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\0BA6250C.sys
2017-09-06 15:29 - 2017-09-06 15:29 - 000007605 _____ C:\Users\Avik\AppData\Local\Resmon.ResmonCfg
2017-09-06 14:24 - 2017-09-06 14:29 - 000000886 _____ C:\Users\Avik\Desktop\ACS - Shortcut.lnk
2017-09-06 12:05 - 2017-09-06 12:05 - 052357300 _____ C:\Users\Avik\Downloads\Tum Hi Ho Aashiqui 2 blu ray Full Song 1080p HD - YouTube.MKV
2017-09-06 12:04 - 2017-09-06 12:18 - 000000000 ____D C:\Users\Avik\Documents\Assassin's Creed Syndicate
2017-09-06 12:04 - 2017-09-06 12:04 - 000000000 ____D C:\Users\Avik\AppData\Roaming\uplay
2017-09-06 12:02 - 2017-09-06 12:02 - 038705438 _____ C:\Users\Avik\Downloads\Yeh Jism Hai To Kya - Ali Azmat - Jism 2 2012 HD - YouTube.MKV
2017-09-06 12:01 - 2017-09-06 12:02 - 033226815 _____ C:\Users\Avik\Downloads\IJAZAT Video Song ONE NIGHT STAND Sunny Leone, Tanuj Virwani Arijit Singh, Meet Bros - YouTube.MKV
2017-09-06 11:59 - 2017-09-06 11:59 - 037334878 _____ C:\Users\Avik\Downloads\-Mohabbat Barsa De- Full Video Song Ft. Arjun - Creature 3D, Surveen Chawla - Sawan Aaya Hai - YouTube_2.MKV
2017-09-06 11:57 - 2017-09-06 11:57 - 036472531 _____ C:\Users\Avik\Downloads\-Mohabbat Barsa De- Full Video Song Ft. Arjun - Creature 3D, Surveen Chawla - Sawan Aaya Hai - YouTube.MKV
2017-09-06 11:56 - 2017-09-06 11:56 - 049497477 _____ C:\Users\Avik\Downloads\Pink Lips - YouTube.MKV
2017-09-06 11:45 - 2017-09-06 16:13 - 1752596480 _____ C:\Users\Avik\Downloads\_Oceanofgames.com_Hatred.iso
2017-09-06 01:36 - 2017-09-06 01:37 - 000000000 ____D C:\Users\Avik\Downloads\A Dark Song
2017-09-06 00:07 - 2017-09-06 20:41 - 000000000 ____D C:\ProgramData\360Quarant
2017-09-06 00:06 - 2017-09-07 02:43 - 000000000 ____D C:\Users\Avik\AppData\LocalLow\360WD
2017-09-06 00:06 - 2017-09-06 00:52 - 000000000 ____D C:\ProgramData\360safe
2017-09-06 00:06 - 2017-09-06 00:07 - 000000000 ____D C:\Users\Avik\AppData\Roaming\360safe
2017-09-06 00:06 - 2017-09-06 00:06 - 000000000 _RSHD C:\360SANDBOX
2017-09-06 00:06 - 2017-09-06 00:06 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-09-06 00:06 - 2017-09-06 00:06 - 000000000 ____D C:\Users\Avik\AppData\Roaming\360TotalSecurity
2017-09-06 00:06 - 2017-09-06 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-09-06 00:06 - 2017-09-06 00:06 - 000000000 ____D C:\ProgramData\360TotalSecurity
2017-09-06 00:06 - 2017-09-06 00:06 - 000000000 ____D C:\Program Files (x86)\360
2017-09-06 00:06 - 2016-11-25 18:05 - 000400384 _____ (360.cn) C:\Windows\system32\Drivers\360FsFlt.sys
2017-09-06 00:06 - 2016-11-25 18:05 - 000339456 _____ (360.cn) C:\Windows\system32\Drivers\360Box64.sys
2017-09-06 00:06 - 2016-11-25 18:05 - 000197632 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV64.sys
2017-09-06 00:06 - 2016-11-25 18:05 - 000160768 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker64.sys
2017-09-06 00:06 - 2016-11-25 18:05 - 000095232 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2017-09-06 00:06 - 2016-11-25 18:05 - 000057856 _____ (360.cn) C:\Windows\system32\Drivers\360Camera64.sys
2017-09-06 00:05 - 2017-09-06 01:10 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-05 15:24 - 2017-09-05 22:04 - 1041585609 _____ C:\Users\Avik\Downloads\Bug 2006 [ Bolly4u.org ] 720p Esub BrRiP Dual Audio English Hindi.mkv
2017-09-05 14:45 - 2017-09-05 16:24 - 704175066 _____ C:\Users\Avik\Downloads\Fun Size 2012 M-HD 720p Esub BluRay Dual Audio English Hindi GOPISAHI.mkv
2017-09-05 14:44 - 2017-09-05 22:03 - 793668199 _____ C:\Users\Avik\Downloads\Contraband 2012 720p Esub BluRay Dual Audio English Hindi GOPISAHI.mkv
2017-09-04 01:46 - 2017-09-04 01:46 - 000000000 ____D C:\Users\Avik\AppData\Local\ElevatedDiagnostics
2017-09-03 16:13 - 2017-09-07 02:39 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-03 16:13 - 2017-09-07 02:39 - 000101784 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-03 16:13 - 2017-09-07 02:39 - 000093600 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-03 16:13 - 2017-09-07 02:39 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-03 16:13 - 2017-09-06 20:33 - 000188352 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-03 16:13 - 2017-09-03 16:25 - 000077376 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-03 16:13 - 2017-09-03 16:13 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-03 16:13 - 2017-09-03 16:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-03 16:13 - 2017-09-03 16:13 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-03 02:43 - 2017-09-03 02:43 - 000003880 _____ C:\Windows\System32\Tasks\{A9D60657-216F-4CC3-A723-3361E6E101AC}
2017-09-02 22:25 - 2017-09-02 22:25 - 000000000 ____D C:\Program Files\EaseUS
2017-09-02 21:26 - 2017-09-02 22:15 - 000000000 ____D C:\Users\Avik\Downloads\Deadpool (2016) 720p Blu-Ray [Dual-Audio][English + Hindi BD 5.1] - Zaeem
2017-09-02 21:25 - 2017-09-03 11:21 - 1146290574 _____ C:\Users\Avik\Downloads\Snowpiercer (2013) 720p Blu-Ray Dual Audio [English + Hindi][love Rulz].mkv
2017-09-02 21:09 - 2017-09-02 21:09 - 000253856 _____ (Malwarebytes) C:\Windows\system32\Drivers\10F344DC.sys
2017-09-02 21:03 - 2017-09-02 21:03 - 000000000 ____D C:\ProgramData\TEMP
2017-09-02 21:03 - 2009-02-12 15:11 - 000026024 _____ (EldoS Corporation) C:\Windows\system32\Drivers\rsdrvx64.sys
2017-09-02 19:52 - 2017-09-07 02:43 - 000000068 __RSH C:\Windows\system32\Drivers\xboxgip.winsecurity
2017-09-02 19:52 - 2017-09-07 02:37 - 000000068 __RSH C:\Windows\system32\Drivers\WpdUpFltr.winsecurity
2017-09-02 19:51 - 2017-09-02 19:59 - 000000000 ____D C:\ProgramData\CodeMeter
2017-09-02 19:51 - 2017-09-02 19:51 - 000000000 ____D C:\Program Files\CodeMeter
2017-09-02 19:51 - 2017-09-02 19:51 - 000000000 ____D C:\Program Files (x86)\CodeMeter
2017-09-02 19:51 - 2017-07-26 17:38 - 000957912 _____ (WIBU-SYSTEMS AG) C:\Windows\system32\WibuCm64.dll
2017-09-02 19:51 - 2017-07-26 17:38 - 000794584 _____ (WIBU-SYSTEMS AG) C:\Windows\SysWOW64\WibuCm32.dll
2017-09-02 19:33 - 2017-09-02 19:33 - 000000000 ____D C:\Users\Avik\AppData\Roaming\AmazingFileRecovery
2017-09-02 10:42 - 2017-09-03 16:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-02 10:42 - 2017-09-02 10:42 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
2017-09-01 20:12 - 2017-09-01 20:43 - 732231817 _____ C:\Users\Avik\Downloads\MoviesCounter.Under.the.Shadow.2016.HR.mkv
2017-09-01 20:01 - 2017-09-01 20:01 - 000002106 _____ C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FarCry4 - Shortcut.lnk
2017-09-01 20:01 - 2017-09-01 20:01 - 000001368 _____ C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PES2017 - Shortcut.lnk
2017-09-01 19:55 - 2017-09-01 19:55 - 000000000 ____D C:\Users\Avik\AppData\Local\CrashRpt
2017-09-01 16:50 - 2017-09-02 21:27 - 000000000 _____ C:\AUTOEXEC.BAT
2017-09-01 15:51 - 2017-09-01 19:18 - 000000008 __RSH C:\Users\Avik\ntuser.pol
2017-09-01 14:50 - 2017-09-01 19:28 - 000000000 ____D C:\Users\Avik\AppData\Local\Avg
2017-09-01 14:50 - 2017-09-01 19:28 - 000000000 ____D C:\ProgramData\Avg
2017-09-01 14:50 - 2017-09-01 19:25 - 000000000 ____D C:\Users\Avik\AppData\Local\AvgSetupLog
2017-09-01 12:17 - 2017-09-01 12:17 - 000000000 ____D C:\ProgramData\X360CE
2017-09-01 11:14 - 2017-09-01 11:14 - 000000000 ____D C:\Users\Avik\Documents\Ghost Games
2017-09-01 02:23 - 2017-09-01 01:57 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.bak
2017-09-01 01:32 - 2017-09-01 01:32 - 000006305 _____ C:\Windows\regact.dat
2017-09-01 01:22 - 2017-09-07 02:07 - 000000472 _____ C:\Windows\Tasks\Resume Quickup Download.job
2017-09-01 01:22 - 2017-09-07 01:22 - 000000496 _____ C:\Windows\Tasks\Quick Heal AntiMalware Scan.job
2017-09-01 01:22 - 2017-09-05 00:53 - 000101440 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\ARWFLT.SYS
2017-09-01 01:22 - 2017-09-01 16:07 - 000003556 _____ C:\Windows\System32\Tasks\Resume Quickup Download
2017-09-01 01:22 - 2017-09-01 01:22 - 000003616 _____ C:\Windows\System32\Tasks\Quick Heal AntiMalware Scan
2017-09-01 01:22 - 2017-05-23 06:54 - 000090096 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\llio.sys
2017-09-01 01:22 - 2017-04-28 02:45 - 000077256 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\wsfilter.sys
2017-09-01 01:22 - 2017-04-27 02:22 - 000062344 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\mscank.sys
2017-09-01 01:22 - 2017-04-06 17:43 - 000481944 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\ScDetour.Dll
2017-09-01 01:22 - 2017-04-06 17:43 - 000405104 _____ (Quick Heal Technologies Ltd.) C:\Windows\SysWOW64\ScDetour.Dll
2017-09-01 01:22 - 2017-03-14 18:41 - 000132720 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\bdsaei64.dll
2017-09-01 01:22 - 2017-03-14 18:41 - 000113264 _____ (Quick Heal Technologies Ltd.) C:\Windows\SysWOW64\bdsaei32.dll
2017-09-01 01:22 - 2017-03-14 17:48 - 000391392 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\bdsflt.sys
2017-09-01 01:22 - 2017-01-18 15:10 - 000049968 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\bdsnm.sys
2017-09-01 01:22 - 2016-07-23 16:29 - 000310400 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\ScSandboxApi.dll
2017-09-01 01:22 - 2016-07-23 16:29 - 000255616 _____ (Quick Heal Technologies Ltd.) C:\Windows\SysWOW64\ScSandboxApi.dll
2017-09-01 01:22 - 2016-07-23 16:29 - 000224384 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\ScSecAuth.Dll
2017-09-01 01:22 - 2016-04-12 15:34 - 000039792 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\emlssx.sys
2017-09-01 01:22 - 2016-03-25 14:38 - 000091280 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\webssx8.sys
2017-09-01 01:22 - 2016-01-21 20:57 - 000131712 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\atklshld64.dll
2017-09-01 01:22 - 2016-01-21 20:57 - 000115840 _____ (Quick Heal Technologies Ltd.) C:\Windows\SysWOW64\atklshld32.dll
2017-09-01 01:21 - 2017-09-01 01:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quick Heal Total Security
2017-09-01 01:21 - 2017-09-01 01:22 - 000000000 ____D C:\Program Files\Common Files\Quick Heal
2017-09-01 01:21 - 2017-09-01 01:21 - 000000000 ____D C:\Program Files\Quick Heal
2017-09-01 01:18 - 2017-09-05 03:58 - 000000000 ____D C:\Windows\system32\gprodat
2017-09-01 01:18 - 2017-04-27 02:22 - 000095792 _____ (Quick Heal Technologies Ltd.) C:\Windows\system32\Drivers\ggc.sys
2017-09-01 01:03 - 2017-09-01 01:03 - 000000000 ____D C:\ProgramData\IDM
2017-09-01 00:58 - 2017-09-01 00:58 - 000000000 ____D C:\Users\Avik\AppData\Local\PeerDistRepub
2017-09-01 00:56 - 2017-09-01 00:56 - 000000000 ____D C:\Users\Avik\AppData\Local\VirtualStore
2017-09-01 00:42 - 2017-09-07 02:15 - 000000000 ____D C:\Users\Avik\AppData\Local\CrashDumps
2017-09-01 00:13 - 2017-09-01 00:13 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2017-09-01 00:04 - 2017-09-01 00:59 - 000000000 ____D C:\ProgramData\AVAST Software
2017-09-01 00:00 - 2017-09-07 01:28 - 000000000 ____D C:\Users\Avik\AppData\LocalLow\Mozilla
2017-09-01 00:00 - 2017-09-01 23:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-01 00:00 - 2017-09-01 23:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 00:00 - 2017-09-01 00:00 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-01 00:00 - 2017-09-01 00:00 - 000000993 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-09-01 00:00 - 2017-09-01 00:00 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Mozilla
2017-09-01 00:00 - 2017-09-01 00:00 - 000000000 ____D C:\Users\Avik\AppData\Local\Mozilla
2017-08-31 14:08 - 2017-09-02 00:52 - 000001619 _____ C:\Users\Avik\Desktop\NFS14 - Shortcut.lnk
2017-08-31 13:58 - 2017-09-01 12:52 - 000000000 ____D C:\Program Files (x86)\Need for Speed Rivals
2017-08-31 12:57 - 2017-08-31 12:57 - 000000000 ____D C:\Users\Avik\Documents\CPY_SAVES
2017-08-31 12:57 - 2017-08-31 12:57 - 000000000 ____D C:\ProgramData\KONAMI
2017-08-31 12:50 - 2017-08-31 12:50 - 000000000 ____D C:\Users\Avik\Documents\My Games
2017-08-31 12:25 - 2017-09-01 20:01 - 000001210 _____ C:\Users\Avik\Desktop\PES2017 - Shortcut.lnk
2017-08-31 12:15 - 2017-09-05 17:01 - 000000000 ____D C:\Users\Avik\Documents\KONAMI
2017-08-31 12:01 - 2017-09-01 20:01 - 000001854 _____ C:\Users\Avik\Desktop\FarCry4 - Shortcut.lnk
2017-08-31 11:59 - 2017-08-31 11:59 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Far Cry 4
2017-08-31 11:59 - 2017-08-31 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2017-08-31 11:26 - 2017-08-31 11:26 - 000000000 ____D C:\Program Files (x86)\R.G. Mechanics
2017-08-31 03:09 - 2017-08-31 03:09 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-08-31 02:14 - 2017-08-31 02:16 - 000000000 ____D C:\Users\Avik\AppData\Local\Comms
2017-08-30 15:46 - 2017-08-30 15:46 - 000984032 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2017-08-30 15:44 - 2017-08-30 15:44 - 000000000 ____D C:\Windows\IObit
2017-08-30 15:43 - 2017-08-30 15:44 - 000000000 ____D C:\Users\Avik\AppData\LocalLow\IObit
2017-08-30 15:43 - 2017-08-30 15:43 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-08-30 15:43 - 2017-08-30 15:43 - 000000000 ____D C:\Users\Avik\AppData\Roaming\IObit
2017-08-30 15:43 - 2017-08-30 15:43 - 000000000 ____D C:\ProgramData\IObit
2017-08-30 12:10 - 2017-08-30 12:10 - 000000000 ____D C:\Users\Avik\AppData\Local\MSfree Inc
2017-08-30 10:41 - 2017-08-30 10:41 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Google
2017-08-30 10:34 - 2017-09-06 00:17 - 000003016 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-30 10:34 - 2017-09-06 00:17 - 000002898 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-30 10:34 - 2017-09-06 00:17 - 000002846 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-30 10:34 - 2017-08-29 23:24 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-30 10:34 - 2017-08-29 23:24 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-30 10:34 - 2017-08-22 06:31 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-08-30 10:33 - 2017-08-22 04:40 - 000549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-08-30 10:33 - 2017-08-22 04:40 - 000082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-08-30 10:31 - 2017-08-30 10:31 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-08-30 10:31 - 2017-08-30 10:31 - 000000000 ____D C:\Program Files\MSBuild
2017-08-30 10:31 - 2017-08-30 10:31 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-08-30 10:31 - 2017-08-30 10:31 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-08-30 10:30 - 2017-08-22 06:31 - 040240248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 035924600 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 035314112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 029019072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 023132184 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 022383792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 018849456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 018297216 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 014994024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 013782904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 012225984 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 011692344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 010072768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 004162496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 003590592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438541.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 001597888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438541.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 001068152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 001004992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000972736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000924280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000690320 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000607968 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000493096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000196480 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000173272 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000169872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000144432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000045976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-08-30 10:30 - 2017-08-22 06:31 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-08-30 10:30 - 2017-08-22 06:31 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2017-08-30 10:30 - 2015-06-18 06:40 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2017-08-30 10:30 - 2015-06-18 06:40 - 000124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-08-30 10:30 - 2015-06-18 06:40 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2017-08-30 10:30 - 2015-05-30 09:37 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2017-08-30 10:30 - 2015-05-30 09:37 - 000102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-08-30 10:30 - 2015-05-30 09:37 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2017-08-30 10:25 - 2017-09-01 19:18 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-08-30 09:53 - 2017-08-30 09:53 - 000000000 ____D C:\Windows\Tasks\360Disabled
2017-08-30 04:56 - 2017-08-30 04:56 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Macromedia
2017-08-30 03:12 - 2017-08-30 03:12 - 000000000 ____D C:\Users\Avik\AppData\LocalLow\KMPlayer
2017-08-30 03:06 - 2017-08-30 03:06 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2017-08-30 03:06 - 2017-08-30 03:06 - 000000000 ____D C:\Users\Avik\AppData\Local\FluxSoftware
2017-08-30 03:05 - 2017-09-06 20:45 - 000000000 ____D C:\Users\Avik\AppData\Roaming\uTorrent
2017-08-30 03:05 - 2017-09-06 00:17 - 000000000 __SHD C:\$360Section
2017-08-30 03:05 - 2017-08-30 03:05 - 000002679 _____ C:\Users\Avik\Desktop\µTorrent.lnk
2017-08-30 03:05 - 2017-08-30 03:05 - 000002679 _____ C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-08-30 03:05 - 2016-11-25 18:05 - 000095232 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2017-08-30 03:00 - 2017-09-07 02:36 - 000000000 ____D C:\Users\Avik\AppData\Roaming\DMCache
2017-08-30 03:00 - 2017-09-07 00:34 - 000000000 ____D C:\Users\Avik\Downloads\Video
2017-08-30 03:00 - 2017-09-06 23:56 - 000000000 ____D C:\Users\Avik\AppData\Roaming\IDM
2017-08-30 03:00 - 2017-09-06 19:23 - 000000000 ____D C:\Users\Avik\Downloads\Compressed
2017-08-30 03:00 - 2017-08-30 03:00 - 000001663 _____ C:\Users\Avik\Desktop\IDMan - Shortcut.lnk
2017-08-30 03:00 - 2017-08-30 03:00 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-08-30 03:00 - 2017-08-30 03:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2017-08-30 02:59 - 2017-08-30 09:56 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-08-30 02:59 - 2017-08-30 02:59 - 000000000 ____D C:\Users\Avik\AppData\Local\Icecream
2017-08-30 02:59 - 2017-08-30 02:59 - 000000000 ____D C:\Users\Avik\.Icecream Screen Recorder
2017-08-30 02:58 - 2017-09-01 01:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-08-30 02:58 - 2017-08-30 11:38 - 000004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C937589-F9BC-450A-A463-119320C2DBAE}
2017-08-30 02:58 - 2017-08-30 02:58 - 000001192 _____ C:\Users\Public\Desktop\Icecream Screen Recorder.lnk
2017-08-30 02:58 - 2017-08-30 02:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream Screen Recorder
2017-08-30 02:58 - 2017-08-30 02:58 - 000000000 ____D C:\Program Files (x86)\Icecream Screen Recorder
2017-08-30 02:57 - 2017-09-04 01:17 - 000000000 ____D C:\Users\Avik\AppData\Roaming\vlc
2017-08-30 02:57 - 2017-08-30 02:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-08-30 02:57 - 2017-08-30 02:57 - 000000000 ____D C:\Program Files\VideoLAN
2017-08-30 02:56 - 2017-08-30 02:57 - 000000000 ____D C:\Program Files\KMPlayer
2017-08-30 02:56 - 2017-08-30 02:56 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2017-08-30 02:55 - 2017-08-31 23:52 - 000000000 ____D C:\Users\Avik\AppData\Roaming\DAEMON Tools Lite
2017-08-30 02:55 - 2017-08-30 02:55 - 000283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2017-08-30 02:55 - 2017-08-30 02:55 - 000002023 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2017-08-30 02:55 - 2017-08-30 02:55 - 000000000 ____D C:\Users\Avik\AppData\Local\MicrosoftEdge
2017-08-30 02:55 - 2017-08-30 02:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2017-08-30 02:55 - 2017-08-30 02:55 - 000000000 ____D C:\ProgramData\DAEMON Tools Lite
2017-08-30 02:55 - 2017-08-30 02:55 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2017-08-30 02:54 - 2010-06-02 17:25 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-08-30 02:54 - 2010-06-02 17:25 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-08-30 02:54 - 2010-06-02 17:25 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-08-30 02:54 - 2010-06-02 17:25 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-08-30 02:54 - 2010-06-02 17:25 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-08-30 02:54 - 2010-06-02 17:25 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-08-30 02:54 - 2010-05-27 00:11 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-08-30 02:54 - 2010-05-27 00:11 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-08-30 02:54 - 2010-05-27 00:11 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-08-30 02:54 - 2010-05-27 00:11 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-08-30 02:54 - 2010-02-04 22:31 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-08-30 02:54 - 2009-09-05 06:14 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-08-30 02:54 - 2009-09-05 06:14 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-08-30 02:54 - 2009-09-05 06:14 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-08-30 02:54 - 2009-09-05 06:14 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-08-30 02:54 - 2009-09-05 06:14 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-08-30 02:54 - 2009-09-05 06:14 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-08-30 02:54 - 2009-09-05 05:59 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-08-30 02:54 - 2009-03-17 02:48 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-08-30 02:54 - 2009-03-17 02:48 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-08-30 02:54 - 2009-03-17 02:48 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-08-30 02:54 - 2009-03-17 02:48 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-08-30 02:54 - 2009-03-17 02:48 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-08-30 02:54 - 2009-03-17 02:48 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-08-30 02:54 - 2009-03-10 03:57 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-08-30 02:54 - 2009-03-10 03:57 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-08-30 02:54 - 2009-03-10 03:57 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-08-30 02:54 - 2009-03-10 03:57 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-08-30 02:54 - 2009-03-10 03:57 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-08-30 02:54 - 2009-03-10 03:57 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-08-30 02:54 - 2008-10-27 22:34 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-08-30 02:54 - 2008-10-15 18:52 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-08-30 02:54 - 2008-10-15 18:52 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-08-30 02:54 - 2008-10-15 18:52 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-08-30 02:54 - 2008-10-15 18:52 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-08-30 02:54 - 2008-10-15 18:52 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-08-30 02:54 - 2008-10-15 18:52 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-08-30 02:54 - 2008-07-31 23:11 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-08-30 02:54 - 2008-07-31 23:11 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-08-30 02:54 - 2008-07-31 23:11 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-08-30 02:54 - 2008-07-31 23:11 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-08-30 02:54 - 2008-07-31 23:10 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-08-30 02:54 - 2008-07-31 23:10 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-08-30 02:54 - 2008-07-10 23:31 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-08-30 02:54 - 2008-07-10 23:30 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-08-30 02:54 - 2008-07-10 23:30 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-08-30 02:54 - 2008-07-10 23:30 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-08-30 02:54 - 2008-07-10 23:30 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-08-30 02:54 - 2008-07-10 23:30 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-08-30 02:54 - 2008-05-31 02:49 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-08-30 02:54 - 2008-05-31 02:49 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-08-30 02:54 - 2008-05-31 02:48 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-08-30 02:54 - 2008-05-31 02:48 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-08-30 02:54 - 2008-05-31 02:47 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-08-30 02:54 - 2008-05-31 02:47 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-08-30 02:54 - 2008-05-31 02:47 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-08-30 02:54 - 2008-05-31 02:46 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-08-30 02:54 - 2008-05-31 02:41 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-08-30 02:54 - 2008-05-31 02:41 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-08-30 02:54 - 2008-05-31 02:41 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-08-30 02:54 - 2008-05-31 02:41 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-08-30 02:54 - 2008-05-31 02:41 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-08-30 02:54 - 2008-05-31 02:41 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-08-30 02:54 - 2008-03-06 04:34 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-08-30 02:54 - 2008-03-06 04:33 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-08-30 02:54 - 2008-03-06 04:33 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-08-30 02:54 - 2008-03-06 04:33 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-08-30 02:54 - 2008-03-06 04:30 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-08-30 02:54 - 2008-03-06 04:30 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-08-30 02:54 - 2008-03-06 04:26 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-08-30 02:54 - 2008-03-06 04:26 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-08-30 02:54 - 2008-03-06 04:26 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-08-30 02:54 - 2008-03-06 04:26 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-08-30 02:54 - 2008-02-06 11:37 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-08-30 02:54 - 2008-02-06 11:37 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-08-30 02:54 - 2007-10-22 16:10 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-08-30 02:54 - 2007-10-22 16:09 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-08-30 02:54 - 2007-10-22 16:07 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-08-30 02:54 - 2007-10-22 16:07 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-08-30 02:54 - 2007-10-13 03:44 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-08-30 02:54 - 2007-10-13 03:44 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-08-30 02:54 - 2007-10-13 03:44 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-08-30 02:54 - 2007-10-13 03:44 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-08-30 02:54 - 2007-10-02 22:26 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-08-30 02:54 - 2007-10-02 22:26 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-08-30 02:54 - 2007-07-20 13:27 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-08-30 02:54 - 2007-07-20 13:27 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-08-30 02:54 - 2007-07-20 06:44 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-08-30 02:54 - 2007-07-20 06:44 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-08-30 02:54 - 2007-07-20 06:44 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-08-30 02:54 - 2007-07-20 06:44 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-08-30 02:54 - 2007-07-20 06:44 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-08-30 02:54 - 2007-07-20 06:44 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-08-30 02:54 - 2007-06-21 09:19 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-08-30 02:54 - 2007-06-21 09:16 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-08-30 02:54 - 2007-05-17 05:15 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-08-30 02:54 - 2007-05-17 05:15 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-08-30 02:54 - 2007-05-17 05:15 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-08-30 02:54 - 2007-05-17 05:15 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-08-30 02:54 - 2007-05-17 05:15 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-08-30 02:54 - 2007-05-17 05:15 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-08-30 02:54 - 2007-04-05 07:25 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-08-30 02:54 - 2007-04-05 07:25 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-08-30 02:54 - 2007-04-05 07:24 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-08-30 02:54 - 2007-04-05 07:23 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-08-30 02:54 - 2007-03-16 05:27 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-08-30 02:54 - 2007-03-16 05:27 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-08-30 02:54 - 2007-03-13 05:12 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-08-30 02:54 - 2007-03-13 05:12 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-08-30 02:54 - 2007-03-13 05:12 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-08-30 02:54 - 2007-03-13 05:12 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-08-30 02:54 - 2007-03-06 01:12 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-08-30 02:54 - 2007-03-06 01:12 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-08-30 02:54 - 2007-01-25 03:57 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-08-30 02:54 - 2007-01-25 03:57 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-08-30 02:54 - 2006-12-09 00:32 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-08-30 02:54 - 2006-12-09 00:30 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-08-30 02:54 - 2006-11-30 01:36 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-08-30 02:54 - 2006-11-30 01:36 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-08-30 02:54 - 2006-11-30 01:36 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-08-30 02:54 - 2006-11-30 01:36 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-08-30 02:54 - 2006-09-29 04:35 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-08-30 02:54 - 2006-09-29 04:35 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-08-30 02:54 - 2006-09-29 04:35 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-08-30 02:54 - 2006-09-29 04:34 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-08-30 02:54 - 2006-07-28 22:01 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-08-30 02:54 - 2006-07-28 22:00 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-08-30 02:54 - 2006-07-28 22:00 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-08-30 02:54 - 2006-07-28 22:00 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-08-30 02:54 - 2006-05-31 19:54 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-08-30 02:54 - 2006-05-31 19:52 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-08-30 02:54 - 2006-04-01 01:11 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-08-30 02:54 - 2006-04-01 01:10 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-08-30 02:54 - 2006-04-01 01:10 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-08-30 02:54 - 2006-04-01 01:09 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-08-30 02:54 - 2006-04-01 01:09 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-08-30 02:54 - 2006-04-01 01:09 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-08-30 02:54 - 2006-02-03 21:13 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-08-30 02:54 - 2006-02-03 21:13 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-08-30 02:54 - 2006-02-03 21:12 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-08-30 02:54 - 2006-02-03 21:12 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-08-30 02:54 - 2006-02-03 21:11 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-08-30 02:54 - 2006-02-03 21:11 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-08-30 02:54 - 2005-12-06 06:39 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-08-30 02:54 - 2005-12-06 06:39 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-08-30 02:54 - 2005-07-23 08:29 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-08-30 02:54 - 2005-07-23 08:29 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-08-30 02:54 - 2005-05-27 04:04 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-08-30 02:54 - 2005-05-27 04:04 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-08-30 02:54 - 2005-03-19 05:49 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-08-30 02:54 - 2005-03-19 05:49 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-08-30 02:54 - 2005-02-06 08:15 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-08-30 02:54 - 2005-02-06 08:15 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-08-30 02:53 - 2017-08-30 02:53 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-08-30 02:53 - 2017-08-30 02:53 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-30 02:53 - 2017-08-30 00:16 - 000000000 ____D C:\Users\Avik\AppData\Local\Adobe
2017-08-30 02:52 - 2017-08-30 02:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-08-30 02:52 - 2017-08-30 02:52 - 000000000 ____D C:\Program Files (x86)\7-Zip
2017-08-30 02:38 - 2017-08-30 11:58 - 000000000 ____D C:\Windows\Panther
2017-08-30 02:11 - 2017-08-30 02:11 - 000000000 ____D C:\Users\Avik\AppData\Roaming\WinRAR
2017-08-30 02:11 - 2010-12-06 07:46 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2017-08-30 02:10 - 2017-08-30 02:10 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-08-30 02:10 - 2017-08-30 02:10 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-30 02:10 - 2017-08-30 02:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-08-30 02:10 - 2017-08-30 02:10 - 000000000 ____D C:\Program Files\WinRAR
2017-08-30 02:07 - 2013-07-03 04:59 - 000024824 ____N (ASUSTeK Computer Inc.) C:\Windows\system32\Drivers\IOMap64.sys
2017-08-30 02:05 - 2017-08-30 02:06 - 000000000 ____D C:\Windows\Downloaded Installations
2017-08-30 02:05 - 2017-08-30 02:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-08-30 02:05 - 2017-08-30 02:06 - 000000000 ____D C:\Program Files (x86)\ASUS
2017-08-30 02:05 - 2017-08-30 02:05 - 000000000 ____D C:\Windows\System32\Tasks\ASUS
2017-08-30 02:05 - 2017-08-30 02:05 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS
2017-08-30 02:05 - 2017-08-29 23:25 - 000000000 ____D C:\Users\Avik\AppData\Local\NVIDIA Corporation
2017-08-30 02:05 - 2017-08-29 23:25 - 000000000 ____D C:\Users\Avik\AppData\Local\NVIDIA
2017-08-30 02:05 - 2010-05-27 00:11 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-08-30 02:05 - 2010-05-27 00:11 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-08-30 02:05 - 2010-05-27 00:11 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-08-30 02:05 - 2010-05-27 00:11 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-08-30 02:05 - 2010-05-27 00:11 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-08-30 02:05 - 2010-05-27 00:11 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-08-30 02:04 - 2017-09-07 02:41 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-30 02:04 - 2017-08-29 23:26 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-30 02:04 - 2017-08-29 23:25 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-30 02:04 - 2017-08-22 06:31 - 001615448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-08-30 02:04 - 2017-08-22 06:31 - 000512960 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-08-30 02:04 - 2017-08-22 06:31 - 000418752 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-08-30 02:04 - 2017-08-22 06:31 - 000218712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-08-30 02:04 - 2017-08-22 06:31 - 000046453 _____ C:\Windows\system32\nvinfo.pb
2017-08-30 02:04 - 2017-08-22 04:40 - 006463424 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-08-30 02:04 - 2017-08-22 04:40 - 002479224 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-08-30 02:04 - 2017-08-22 04:40 - 001762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-08-30 02:04 - 2017-08-22 04:40 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-08-30 02:04 - 2017-08-22 04:40 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-08-30 02:04 - 2017-08-19 12:40 - 008142301 _____ C:\Windows\system32\nvcoproc.bin
2017-08-30 02:04 - 2014-07-03 02:18 - 001890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2017-08-30 02:04 - 2014-07-03 02:18 - 001539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2017-08-30 02:02 - 2017-08-23 00:27 - 015600248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-08-30 02:02 - 2017-08-22 06:31 - 026427560 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-08-30 02:02 - 2017-08-22 06:31 - 004210360 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-08-30 02:02 - 2017-08-22 06:31 - 003712024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-08-30 02:02 - 2014-07-03 02:18 - 000835032 _____ C:\Windows\system32\nvmcumd.dll
2017-08-30 02:01 - 2017-08-30 02:01 - 000000000 ____D C:\ProgramData\Google
2017-08-30 02:01 - 2017-08-30 02:01 - 000000000 ____D C:\Program Files\Google
2017-08-30 02:01 - 2017-08-29 23:25 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-30 02:00 - 2017-09-07 02:40 - 000000000 ____D C:\Users\Avik\AppData\Local\Google
2017-08-30 02:00 - 2017-09-06 00:07 - 000003344 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-08-30 02:00 - 2017-09-06 00:07 - 000003120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-08-30 01:56 - 2017-08-30 02:53 - 000000000 ____D C:\ProgramData\Adobe
2017-08-30 01:56 - 2012-07-31 05:34 - 000690832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2017-08-30 01:56 - 2012-07-31 05:34 - 000074344 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2017-08-30 01:52 - 2017-08-30 01:52 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2017-08-30 01:52 - 2017-08-30 01:52 - 000000000 ____D C:\Program Files\Realtek
2017-08-30 01:52 - 2012-10-30 15:29 - 004201104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2017-08-30 01:52 - 2012-10-30 14:13 - 000369117 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2017-08-30 01:52 - 2012-10-29 14:04 - 002703456 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2017-08-30 01:52 - 2012-10-29 12:10 - 009378304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2017-08-30 01:52 - 2012-10-25 12:15 - 000116880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2017-08-30 01:52 - 2012-10-23 09:00 - 003671696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2017-08-30 01:52 - 2012-10-22 17:18 - 001269904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2017-08-30 01:52 - 2012-10-03 15:26 - 000772224 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2017-08-30 01:52 - 2012-09-24 14:02 - 007601528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2017-08-30 01:52 - 2012-09-24 14:02 - 002080120 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2017-08-30 01:52 - 2012-09-20 20:14 - 001460600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2017-08-30 01:52 - 2012-09-19 22:29 - 000869752 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2017-08-30 01:52 - 2012-09-12 07:21 - 002743440 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2017-08-30 01:52 - 2012-09-09 12:04 - 002028920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2017-08-30 01:52 - 2012-08-31 16:48 - 007164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2017-08-30 01:52 - 2012-08-31 16:47 - 000434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2017-08-30 01:52 - 2012-08-31 16:47 - 000141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2017-08-30 01:52 - 2012-08-31 16:47 - 000124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2017-08-30 01:52 - 2012-08-31 16:47 - 000075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2017-08-30 01:52 - 2012-08-21 12:21 - 000881808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2017-08-30 01:52 - 2012-08-13 15:36 - 001561744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2017-08-30 01:52 - 2012-07-15 18:43 - 000394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2017-08-30 01:52 - 2012-07-15 18:43 - 000394616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2017-08-30 01:52 - 2012-01-30 09:13 - 000836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2017-08-30 01:52 - 2012-01-10 07:50 - 000065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2017-08-30 01:52 - 2011-12-20 13:02 - 000331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2017-08-30 01:52 - 2011-11-22 13:58 - 000014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2017-08-30 01:52 - 2011-09-02 11:51 - 000221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2017-08-30 01:52 - 2011-09-02 11:51 - 000081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2017-08-30 01:52 - 2011-09-02 11:51 - 000078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2017-08-30 01:52 - 2011-08-23 14:30 - 000603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2017-08-30 01:52 - 2011-03-17 09:47 - 001361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2017-08-30 01:52 - 2011-03-07 14:41 - 000148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2017-08-30 01:52 - 2010-11-08 05:01 - 000375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2017-08-30 01:52 - 2010-11-08 05:01 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2017-08-30 01:52 - 2010-11-08 05:01 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2017-08-30 01:52 - 2010-11-08 05:01 - 000204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2017-08-30 01:52 - 2010-11-08 05:01 - 000101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2017-08-30 01:52 - 2010-11-08 05:01 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2017-08-30 01:52 - 2010-11-03 16:00 - 000149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2017-08-30 01:52 - 2010-09-27 07:04 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2017-08-30 01:52 - 2010-07-22 14:18 - 000074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2017-08-30 01:52 - 2009-11-24 07:25 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2017-08-30 01:52 - 2009-11-24 07:25 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2017-08-30 01:52 - 2009-11-24 07:25 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2017-08-30 01:52 - 2009-11-24 07:25 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2017-08-30 01:51 - 2017-08-30 02:06 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-30 01:51 - 2017-08-30 01:56 - 000000000 ____D C:\Program Files (x86)\Realtek
2017-08-30 01:51 - 2017-08-30 01:52 - 000000000 ___HD C:\Program Files (x86)\Temp
2017-08-30 01:51 - 2012-10-02 12:11 - 000501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2017-08-30 01:51 - 2012-10-02 12:11 - 000487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2017-08-30 01:51 - 2012-10-02 12:11 - 000415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2017-08-30 01:51 - 2012-08-03 15:48 - 001706640 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2017-08-30 01:51 - 2012-06-20 14:56 - 000110592 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2017-08-30 01:51 - 2012-03-08 09:17 - 000202336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2017-08-30 01:51 - 2012-03-08 09:17 - 000108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 001756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 001568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 001486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2017-08-30 01:51 - 2011-05-31 07:12 - 000241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2017-08-30 01:50 - 2017-08-30 01:50 - 000000000 ____D C:\ProgramData\Intel
2017-08-30 01:50 - 2017-08-30 01:50 - 000000000 ____D C:\Program Files\Intel
2017-08-30 01:50 - 2012-07-02 19:46 - 000062784 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2017-08-30 01:50 - 2012-06-21 21:43 - 000015168 ____R (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2017-08-30 01:49 - 2017-08-30 01:50 - 000000000 ____D C:\Program Files (x86)\Intel
2017-08-30 01:49 - 2017-08-30 01:49 - 000000000 ____D C:\Intel
2017-08-30 01:49 - 2012-07-04 16:25 - 000053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2017-08-30 01:46 - 2017-09-03 16:17 - 000875126 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-30 01:45 - 2017-08-30 01:45 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-08-30 01:45 - 2017-08-29 23:21 - 000002364 _____ C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-30 01:45 - 2017-08-29 23:21 - 000000000 ___RD C:\Users\Avik\OneDrive
2017-08-30 01:44 - 2017-08-30 01:44 - 000000000 ____D C:\Users\Avik\AppData\Local\Publishers
2017-08-30 01:43 - 2017-09-07 02:39 - 000000000 ____D C:\Users\Avik
2017-08-30 01:43 - 2017-08-30 02:00 - 000000000 ____D C:\Users\Avik\AppData\Local\Packages
2017-08-30 01:43 - 2017-08-30 01:43 - 000016148 _____ C:\Windows\system32\DESKTOP-CE5TDPD_defaultuser0_HistoryPrediction.bin
2017-08-30 01:43 - 2017-08-30 01:43 - 000000020 ___SH C:\Users\Avik\ntuser.ini
2017-08-30 01:43 - 2017-08-30 01:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-30 01:43 - 2017-08-30 01:43 - 000000000 ____D C:\Windows\CSC
2017-08-30 01:43 - 2017-08-30 01:43 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Adobe
2017-08-30 01:43 - 2017-08-30 01:43 - 000000000 ____D C:\Users\Avik\AppData\Local\TileDataLayer
2017-08-30 01:40 - 2015-07-10 16:29 - 002718208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2017-08-29 23:25 - 2017-08-29 23:25 - 000004000 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-29 23:25 - 2017-08-29 23:25 - 000003994 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-29 23:25 - 2017-08-29 23:25 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-08-29 23:25 - 2017-08-29 23:25 - 000000000 ____D C:\Users\Avik\AppData\Local\CEF
2017-08-29 23:25 - 2017-08-22 06:31 - 001923192 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2017-08-29 23:25 - 2017-08-22 06:31 - 001755256 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2017-08-29 23:25 - 2017-08-22 06:31 - 001505912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2017-08-29 23:25 - 2017-08-22 06:31 - 001317496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2017-08-29 23:25 - 2017-08-22 06:31 - 000121464 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2017-08-29 23:24 - 2017-08-29 23:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-08-29 23:24 - 2017-08-29 23:24 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-08-29 23:24 - 2017-08-22 06:31 - 000179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-08-29 23:24 - 2017-08-22 06:31 - 000146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-08-29 23:24 - 2017-08-22 04:03 - 000135800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-08-29 23:24 - 2017-06-16 01:02 - 000541984 _____ C:\Windows\system32\vulkan-1.dll
2017-08-29 23:24 - 2017-06-16 01:02 - 000525088 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-08-29 23:24 - 2017-06-16 01:02 - 000254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-08-29 23:24 - 2017-06-16 01:02 - 000233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-08-29 23:23 - 2017-08-22 06:31 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-08-29 23:21 - 2017-08-29 23:21 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2778354026-2690110298-1722166411-1001
2017-08-29 23:21 - 2017-08-22 06:31 - 000057976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2017-08-29 23:21 - 2017-08-22 06:31 - 000048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2017-08-29 23:20 - 2017-08-29 23:20 - 000000000 ____D C:\Users\Avik\AppData\Roaming\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-07 02:38 - 2015-07-10 17:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-07 02:37 - 2015-07-10 14:35 - 000131072 ___SH C:\Windows\system32\config\BBI
2017-09-07 01:06 - 2015-07-10 16:34 - 000000000 ___HD C:\Windows\ELAMBKUP
2017-09-07 01:06 - 2015-07-10 16:32 - 000000000 ____D C:\Windows\INF
2017-09-05 13:12 - 2015-07-10 16:25 - 000000000 ____D C:\Windows\CbsTemp
2017-09-04 01:46 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\system32\NDF
2017-09-02 19:59 - 2015-07-10 16:34 - 000000117 _____ C:\Windows\win.ini
2017-09-02 15:33 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\rescache
2017-09-01 11:10 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\LiveKernelReports
2017-09-01 01:22 - 2015-07-10 14:35 - 000032768 ___SH C:\Windows\system32\config\ELAM
2017-08-30 09:17 - 2015-07-10 16:34 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-30 04:39 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\appcompat
2017-08-30 02:37 - 2015-07-10 16:34 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2017-08-30 02:05 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\AppReadiness
2017-08-30 02:04 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\Help
2017-08-30 01:59 - 2015-07-10 16:34 - 000000000 ___RD C:\Windows\DevicesFlow
2017-08-30 01:50 - 2015-07-10 16:34 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-08-30 01:43 - 2015-07-10 16:34 - 000000000 ___RD C:\Windows\PurchaseDialog
2017-08-30 01:43 - 2015-07-10 16:34 - 000000000 ___RD C:\Windows\PrintDialog
2017-08-30 01:43 - 2015-07-10 16:34 - 000000000 ___RD C:\Windows\MiracastView
2017-08-30 01:43 - 2015-07-10 16:34 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-08-30 01:40 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\system32\spool
2017-08-30 01:40 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\system32\FxsTmp
2017-08-30 01:39 - 2015-07-10 14:35 - 000000000 ____D C:\Windows\system32\Sysprep
2017-08-30 00:15 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-30 00:15 - 2015-07-10 16:34 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2017-09-06 15:29 - 2017-09-06 15:29 - 000007605 _____ () C:\Users\Avik\AppData\Local\Resmon.ResmonCfg
2017-09-07 02:40 - 2017-09-07 02:40 - 000000004 ____H () C:\ProgramData\cm-lock

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-08-30 01:38

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Avik (07-09-2017 03:24:02)
Running from E:\SOFTWARS\Antivirus
Windows 10 Pro (X64) (2017-08-29 20:12:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2778354026-2690110298-1722166411-500 - Administrator - Disabled)
Avik (S-1-5-21-2778354026-2690110298-1722166411-1001 - Administrator - Enabled) => C:\Users\Avik
DefaultAccount (S-1-5-21-2778354026-2690110298-1722166411-503 - Limited - Disabled)
Guest (S-1-5-21-2778354026-2690110298-1722166411-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Quick Heal Total Security (Enabled - Up to date) {0F4D060D-5F75-6E6C-0E6D-3DE7271FA74E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}
AS: Quick Heal Total Security (Enabled - Up to date) {B42CE7E9-794F-61E2-34DD-06955C98EDF3}
FW: Quick Heal Firewall (Enabled) {37768728-151A-6F34-2532-94D2D9CCE035}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.0.0.1069 - 360 Security Center)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.026 - ASUSTek Computer Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
f.lux (HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\Flux) (Version: - )
Far Cry 4 (HKLM-x32\...\Far Cry 4_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.20.286 - SurfRight B.V.)
Icecream Screen Recorder version 3.66 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 3.66 - Icecream Apps)
Intel(R) Desktop Utilities (HKLM-x32\...\{F01CBA59-B5BD-4608-A834-1CBE8C292A71}) (Version: 1.0.0 - Intel Corporation)
Intel(R) Integrator Toolkit 5 (HKLM-x32\...\{E7597FFE-2C87-4939-89E6-38EF01C247DF}) (Version: 1.0.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.2.2 - PandoraTV)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 55.0.3 (x64 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Graphics Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Quick Heal Total Security (HKLM\...\{75DEED91-7B14-49DC-A5F3-B60E633AC4A5}) (Version: 17.00 - Quick Heal) Hidden
Quick Heal Total Security (HKLM\...\Quick Heal Total Security) (Version: 17.00 - Quick Heal Technologies Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WinRAR 5.30 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2017-06-23] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1-x32: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2016-07-23] (Quick Heal Technologies Ltd.)
ContextMenuHandlers1-x32: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => C:\Program Files\Quick Heal\Quick Heal Total Security\RCSCAN.DLL [2016-07-23] (Quick Heal Technologies Ltd.)
ContextMenuHandlers1-x32: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2016-11-25] ()
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-10-28] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-10-28] (Alexander Roshal)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4-x32: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2016-07-23] (Quick Heal Technologies Ltd.)
ContextMenuHandlers4-x32: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2016-11-25] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6-x32: [DeleteSecurely] -> {13C39C87-76A0-4CD6-A2E8-2984C6B84160} => C:\Program Files\Quick Heal\Quick Heal Total Security\PCTuner\sdshell.dll [2016-07-23] (Quick Heal Technologies Ltd.)
ContextMenuHandlers6-x32: [RCScan] -> {362A3A82-5EF4-422F-817F-A17EBA53E67C} => C:\Program Files\Quick Heal\Quick Heal Total Security\RCSCAN.DLL [2016-07-23] (Quick Heal Technologies Ltd.)
ContextMenuHandlers6-x32: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2016-11-25] ()
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-10-28] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-10-28] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2B17D7FC-FBAB-4E6E-8F9D-45835EE3191B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {3EC7998F-10E9-421C-B2AB-8944F9566789} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-22] (NVIDIA Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe generaltel.dll,RunTelemetryW
Task: {490C4BC0-BEFB-4926-BD74-CF241AE59C49} - System32\Tasks\Resume Quickup Download => C:\Program Files\Quick Heal\Quick Heal Total Security\ACAPPAA.EXE [2017-07-25] (Quick Heal Technologies Ltd.)
Task: {5D48854C-B8D9-4A76-8803-016B7975C734} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {7E101CAE-ABE7-498D-84D3-58BCC80231BA} - System32\Tasks\Quick Heal AntiMalware Scan => C:\Program Files\Quick Heal\Quick Heal Total Security\ASMAIN.EXE [2017-06-15] (Quick Heal Technologies Ltd.)
Task: {8DB6C449-03BD-4974-B433-79D394AC41F9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-22] (NVIDIA Corporation)
Task: {996E9A6F-C13E-45EE-95E5-1998FFEFF460} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-22] (NVIDIA Corporation)
Task: {A55B9DF5-F928-453C-912C-BEF206228892} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-22] (NVIDIA Corporation)
Task: {C3A6672B-E2A5-42B9-894A-1A818D773419} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C49468D3-2344-4E6E-883D-A0EF5AB2FF56} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {D58AC702-326B-449A-B90F-F58BFFBAB1D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-06] (Google Inc.)
Task: {D694381F-8238-4E41-93F3-72CAED30A2F1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-03-26] (ASUSTek Computer Inc.)
Task: {D7557597-5539-478A-B0C0-15CBB29742D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-22] (NVIDIA Corporation)
Task: {E08B502F-F714-4217-8BDC-0F83F08E9198} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-06] (Google Inc.)
Task: {EB53ACD4-F3D6-462D-AE58-825AD22A08A6} - System32\Tasks\{A9D60657-216F-4CC3-A723-3361E6E101AC} => C:\Windows\system32\pcalua.exe -a "E:\SOFTWARS\Antivirus\Malwarebytes Anti-Malware Premium v3.1.2.1733 PreActivated\Malwarebytes Anti-Malware Premium v3.1.2.1733 PreActivated\Setup\Malwarebytes Anti-Malware Premium v3.1.2.1733 PreActivated.exe" -d "E:\SOFTWARS\Antivirus\Malwarebytes Anti-Malware Premium v3.1.2.1733 PreActivated\M (the data entry has 64 more characters).

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Quick Heal AntiMalware Scan.job => C:\Program Files\Quick Heal\Quick Heal Total Security\ASMAIN.EXE
Task: C:\Windows\Tasks\Resume Quickup Download.job => C:\Program Files\Quick Heal\Quick Heal Total Security\ACAPPAA.EXE

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-07-10 16:30 - 2015-07-10 16:30 - 000032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2015-07-10 16:29 - 2015-07-10 16:29 - 000403968 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2012-01-17 23:54 - 2012-01-17 23:54 - 000055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-09-03 16:13 - 2017-09-03 16:25 - 002260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-08-29 23:24 - 2017-08-22 06:31 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-07-10 16:30 - 2015-07-10 16:30 - 002498296 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-07-10 16:29 - 2015-07-10 16:29 - 000429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 16:30 - 2015-07-10 18:44 - 006579712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 16:30 - 2015-07-10 18:44 - 000471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-07-10 16:30 - 2015-07-10 18:44 - 002274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 16:30 - 2015-07-10 18:44 - 000210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2017-09-07 02:40 - 2017-09-04 13:42 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.79\libglesv2.dll
2017-09-07 02:40 - 2017-09-04 13:42 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.79\libegl.dll
2017-09-06 00:06 - 2016-11-25 18:05 - 000099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2017-09-06 00:06 - 2016-11-25 18:05 - 000584616 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2017-08-30 01:50 - 2012-06-25 15:11 - 001198912 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2017-08-29 23:24 - 2017-08-22 06:31 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:CM_36faabd924501fcd2f743302621d89eb425ec11f74fef19a5e0fe69c3f0b5201 [74]
AlternateDataStreams: C:\Windows:CM_e0501b65315a77c6cde279a3a8d62a1a6c48bf2c2e353a3654218165115f1673 [74]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 16:34 - 2017-09-07 00:40 - 000000830 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Avik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.16.0.1 - 172.31.4.48
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2778354026-2690110298-1722166411-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_8792BD90C06119FBEB1D92F7E17D8836"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8D266A05-1759-4D53-A009-1FBBCD266E0B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C1FC987B-578D-4D7E-89E8-EBB76A81836E}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C4174F7D-A1DD-4D79-8078-D8CCD73D51F3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{73FE4B57-52B2-4A9C-AB7B-BFF92348C584}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{E64B51FF-15B8-403E-B4B7-4C26CACF5044}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Restore Points =========================

02-09-2017 01:37:23 JRT Pre-Junkware Removal
02-09-2017 10:21:08 JRT Pre-Junkware Removal
04-09-2017 01:39:08 JRT Pre-Junkware Removal
05-09-2017 03:52:55 JRT Pre-Junkware Removal
05-09-2017 03:54:34 JRT Pre-Junkware Removal
06-09-2017 00:57:28 JRT Pre-Junkware Removal
06-09-2017 20:43:36 JRT Pre-Junkware Removal
07-09-2017 02:15:34 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2017 03:23:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.

Error: (09/07/2017 03:23:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.

Error: (09/07/2017 03:22:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.

Error: (09/07/2017 03:22:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.

Error: (09/07/2017 03:21:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.

Error: (09/07/2017 03:21:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.

Error: (09/07/2017 03:20:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.

Error: (09/07/2017 03:20:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.

Error: (09/07/2017 03:19:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.

Error: (09/07/2017 03:19:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.


System errors:
=============
Error: (09/07/2017 02:36:59 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Core Browsing Protection service has reported an invalid current state 32.

Error: (09/07/2017 02:36:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (09/07/2017 02:36:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).

Error: (09/07/2017 02:15:55 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the NVIDIA Display Container LS service, but this action failed with the following error:
An instance of the service is already running.

Error: (09/07/2017 02:15:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.

Error: (09/07/2017 02:15:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.

Error: (09/07/2017 01:06:17 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.

Error: (09/07/2017 12:25:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.

Error: (09/07/2017 12:25:03 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Core Browsing Protection service has reported an invalid current state 32.

Error: (09/07/2017 12:24:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 60%
Total physical RAM: 4060.05 MB
Available physical RAM: 1623.73 MB
Total Virtual: 5724.05 MB
Available Virtual: 2589.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:150.51 GB) (Free:21.94 GB) NTFS
Drive d: () (Fixed) (Total:112.2 GB) (Free:26.52 GB) NTFS
Drive e: () (Fixed) (Total:202.56 GB) (Free:88.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8A635396)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=202.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 
I see some JRT entries in your log file:

02-09-2017 10:21:08 JRT Pre-Junkware Removal
04-09-2017 01:39:08 JRT Pre-Junkware Removal
05-09-2017 03:52:55 JRT Pre-Junkware Removal
05-09-2017 03:54:34 JRT Pre-Junkware Removal
06-09-2017 00:57:28 JRT Pre-Junkware Removal
06-09-2017 20:43:36 JRT Pre-Junkware Removal
07-09-2017 02:15:34 JRT Pre-Junkware Removal

Have you tried cleaning the system prior to seeking our assistance?

We will need a log from AdwCleaner for further information.

Please download a copy of AdwCleaner from HERE, it is important to download it to your desktop.

Once downloaded to the desktop, AdwCleaner will create an icon.

Should you receive any security warnings or your User Account Control warning appears whilst you are using this application you can safely allow AdwCleaner to continue.

Before running AdwCleaner please ensure all other programs and browsers are closed, then double left click the icon to open it.

AdwCleaner will open, click the scan button to start searching.



The scan may take some time to complete, and when it has, any malware found will be automatically selected for quarantining. Click the "Cleaning" button.



After a few seconds a message should tell you your computer will now reboot. Allow the reboot.

When the computer restarts, a log file will be displayed, but if it's closed for any reason before copying the contents, you will find a copy of the file if you navigate to C:\AdwCleaner[s#].txt



Please Copy and Paste the contents of the log file with your next reply.
 
I see that you have a P2P (Peer-to-Peer) file sharing program installed. I highly recommend that you consider uninstalling it. P2P programs represent a security threat to the information on your system as they allow others to access your system. Just look at the number of high profile compromises in the news as a result of P2P software:
Data about Obama's helicopter breached via P2P?
Leak of congressional ethics document prompts calls for cybersecurity probe
Walter Reed suffers peer-to-peer data breach
Update: Seattle man arrested for p-to-p ID theft

In many cases P2P programs also represent a risk of infection from the program itself, as some have installed adware/spyware, or other programs without consent. Even if the program itself is clean, many P2P networks are riddled with malware, and it's often the newest, most difficult to remove malware. There are many risks associated with P2P programs; none are worth the risks. If you don't uninstall the P2P software, we will continue to clean your system, but realize that it's likely only a matter of time before you are infected again.
 
I tried to clean before with JRT but it continues. JRT and AdwCleaner generated log files:

# AdwCleaner 7.0.2.1 - Logfile created on Wed Sep 06 22:06:40 2017
# Updated on 2017/29/08 by Malwarebytes
# Database: 08-29-2017.2
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by Avik (Administrator) on Fri 09/01/2017 at 18:20:24.89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_8792BD90C06119FBEB1D92F7E17D8836 (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/01/2017 at 18:23:27.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Attachments

  • JRT.txt
    702 bytes · Views: 9
  • AdwCleaner[S0].txt
    944 bytes · Views: 9
Zoek Scan

Disable your antivirus prior to this scan.
Download Zoek
Save the file to your desktop.
Right click Zoek.exe and run as administrator. (XP Users double click)
Copy and paste the items in red below and paste them into Zoek.

createsrpoint;
emptyfolderscheck;delete
emptyclsid;
emptyalltemp;
ipconfig /flushdns;b
ResetHosts;
autoclean;


Now hit the run script button.
The log will appear after a reboot, also you can find it on the C: drive.
Post the log in your next reply.

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt
    1.5 KB · Views: 15
Hello sir, when I tried to hit RUN SCRIPT option an error called PEVZ.EXE - Application Error appeared and it contains "The application was unable to start correctly (0xc0000142). Click OK to close the application."
 
Hello sir,
Sorry for my late reply. I had to go. Sir, I have done the steps you have mentioned above and these are those log files-
 

Attachments

  • zoek-results.log
    7.1 KB · Views: 14
  • FRST.txt
    74.6 KB · Views: 9
  • Addition.txt
    25.2 KB · Views: 11